Patch Analysis for March 2013

This month on the server front, an interesting patch for SharePoint Server 2010 is addressed with Bulletin MS13-024. The vulnerabilities affect systems that run SharePoint Server or are connected to a SharePoint server as in web browser clients because the holes allow malicious JavaScripts to be sent back to the user's browser.  Other bulletins affect primarily client systems including patches for IE, Silverlight, Visio Viewer, OneNote and Outlook for Mac and for Windows in which several vulnerabilities in Kernel-mode drivers that could allow an attacker access through USB drives (MS13-027).  Note that one of the vulnerabilities in IE has already been publicly disclosed so it’s probably already being packaged up into ‘sploit kits.  Don’t waste time before deploying that patch.

Break away from WSUS and get centralized enterprise patch for Microsoft AND Flash, Acrobat, Java, and even for other platforms – all on one pane of glass with Lumension Patch and Remediation. But patch is just one slice of the pie. Add full endpoint security (AV, patch, encryption, device control, app control) to that same pane of glass with the Lumension® Endpoint Management and Security Suite. One agent, one console to address all risk vectors.
BulletinExploit Types
/Technologies Affected
System Types AffectedExploit
details public?
/ Being exploited?
Comprehensive,
practical
workaround
available?
MS severity ratingProducts AffectedNotesRandy's recommendation
MS13-024

2780176
Privilege elevation

/ Sharepoint
Workstations
Terminal Servers
Sharepoint Servers
No/NoNoCritical SharePoint Foundation 2010
SharePoint Server 2010
 Patch after testing
MS13-023

2801261
Arbitrary code

/ Visio
Workstations
Terminal Servers
No/NoNoCritical Visio 2010 Viewer
 Patch after testing
MS13-027

2807986
Privilege elevation

/ Kernel mode drivers
Workstations
No/NoYesImportant XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Restart req'dPatch after testing
MS13-021

2809289
Arbitrary code

/ Internet Explorer
Workstations
Terminal Servers
Yes/NoNoCritical XP
Vista
Server 2003
Server 2008
Server 2008 R2
Windows 7
Windows 8
Server 2012
Restart Req'dPatch after testing
MS13-026

2813682
Information disclosure

/ Outlook
Workstations
No/NoNoImportant Office 2008 for Mac
Office 2011 for MAC
 Patch after testing
MS13-022

2814124
Arbitrary code

/ Silverlight
Workstations
Terminal Servers
Win Media Services Servers
Virtual PC
Virtual Servers
Web Servers
Web Hosting Servers
No/NoYesCritical Silverlight 5
 Patch after testing
MS13-025

2816264
Information disclosure

/ OneNote
Workstations
Terminal Servers
No/NoNoImportant OneNote 2010
 Patch after testing

Receive Randy's same-day, independent analysis each Patch Tuesday

Email:
We will not share your address. Unsubscribe anytime. 

"Thank you. I am very glad I subscribed to this newsletter.  Relevant content clearly and concisely. Finally!!!"

- John K.

"I really like the Fast Facts on this Month's Microsoft Security Bulletins. Do you keep old copies? If yes, please let me know how I can access them?"

-Susan D.

"Thanks, Randy. Your regular updates have streamlined my monthly patching. Much appreciated,"

-  Steve T.

"Really appreciate your patch observor. In the corporate IT world, anything we can get our hands on that speeds the process of analyzing threats and how they may or may not apply to our environments is a God-send. Thanks so much for your efforts."

- Tess G.

"Many thanks for this Randy"

- Roger G.

"The chart is a REAAALLY good idea :)"

- Phil J.

"I like the table. Your insight is very valuable. "

Tom C.

"I liked your high level overview of patches in the table. There are so many sources of patch information which can be very specific or surrounded by other stuff that it’s refreshing to get everything summarised like this. The “Randy’s Recommendation” comment is useful starting point too. Please keep up the good work."

- David A.

"Your Patch Observer is a very good tool in making the decision whether to patch or not to patch. And also to patch asap or to wait a while before patching. Also I do think the use of the table is realy improving the readability of the provided information."

- Gerard T.